US20130347069A1 - Referer verification apparatus and method - Google Patents

Referer verification apparatus and method Download PDF

Info

Publication number
US20130347069A1
US20130347069A1 US13/609,126 US201213609126A US2013347069A1 US 20130347069 A1 US20130347069 A1 US 20130347069A1 US 201213609126 A US201213609126 A US 201213609126A US 2013347069 A1 US2013347069 A1 US 2013347069A1
Authority
US
United States
Prior art keywords
referer
verification
urls
web page
captcha
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Granted
Application number
US13/609,126
Other versions
US8893233B2 (en
Inventor
Chul-woo Lee
Deok-Jin Kim
Byoung-Jin Han
Byung-Chul BAE
Sang-Woo Park
Man-hee Lee
E-Joong YOON
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Electronics and Telecommunications Research Institute
Original Assignee
Electronics and Telecommunications Research Institute
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Priority to KR1020120067734A priority Critical patent/KR101369743B1/en
Priority to KR10-2012-0067734 priority
Application filed by Electronics and Telecommunications Research Institute filed Critical Electronics and Telecommunications Research Institute
Assigned to ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE reassignment ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: HAN, BYOUNG-JIN, BAE, BYUNG-CHUL, PARK, SANG-WOO, YOON, E-JOONG, KIM, DEOK-JIN, LEE, CHUL-WOO, LEE, MAN-HEE
Publication of US20130347069A1 publication Critical patent/US20130347069A1/en
Application granted granted Critical
Publication of US8893233B2 publication Critical patent/US8893233B2/en
Application status is Active legal-status Critical
Adjusted expiration legal-status Critical

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • G06F21/51Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems at application loading time, e.g. accepting, rejecting, starting or inhibiting executable software based on integrity or source reliability
    • GPHYSICS
    • G06COMPUTING; CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F2221/00Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/21Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F2221/2119Authenticating web pages, e.g. with suspicious links

Abstract

A referer verification apparatus and method for controlling web traffic having malicious code are provided. In the referer verification method, whether a referer is present in a Hypertext Transfer Protocol (HTTP) packet is determined. If it is determined that the referer is present in the HTTP packet, Uniform Resource Locators (URLs) are extracted from a referer web page corresponding to the referer. The referer is verified based on a URL corresponding to a referer verification request received from a server and the extracted URLs. A Completely Automated Public Test to tell Computers and Humans Apart (CAPTCHA) verification procedure conducted by a user is performed based on results of the verification of the referer.

Description

    CROSS REFERENCE TO RELATED APPLICATION
  • This application claims the benefit of Korean Patent Application No. 10-2012-0067734, filed on Jun. 25, 2012, which is hereby incorporated by reference in its entirety into this application.
  • BACKGROUND OF THE INVENTION
  • 1. Technical Field
  • The present invention relates generally to a referer verification apparatus and method. More particularly, the present invention relates to a referer verification apparatus and method which control web traffic having malicious code.
  • 2. Description of the Related Art
  • Technology for detecting malicious code is based on a host or a network, or is present in a hybrid form. Also, anti-virus products are mainly used to detect malicious code in a Personal Computer (PC).
  • Technology for detecting malicious code based on a host has a larger amount of information that can be observed than does technology based on a network, so that malicious code can be more precisely detected. However, this technology is disadvantageous in that performance is deteriorated because internal PC resources are consumed. Further, since current anti-virus products are mainly operated based on signatures, there is a disadvantage in that a lot of time may be required to detect or block code suspected of being malicious.
  • Along with the above disadvantages, in consideration of the fact that recent malicious code abides by normal behavior similar to that of a normal application in the PC and performs network communication operation, technologies for detecting malicious code based on a network have been proposed.
  • For example, a paper “NetGator: Malware Detection Through Program Interactive Proofs” is intended to detect malicious code (malware) by distinguishing web browser software, which uses Hypertext Transfer Protocol (HTTP)/Hypertext Transfer Protocol over Secure Sockets Layer (HTTPS), from malware using a technique called authentication code execution verification. This technology then blocks malicious code traffic by means of such detection, but is problematic in that other normal applications are not verified.
  • Further, U.S. patent application Ser. No. 757,675 (Malware Detector) improves the convenience of a user by authenticating applications, but it is problematic in that all HTTP traffic is not necessarily authenticated regardless of the protocol used by an application.
  • SUMMARY OF THE INVENTION
  • Accordingly, the present invention has been made keeping in mind the above problems occurring in the prior art, and an object of the present invention is to provide a referer verification apparatus and method which control web traffic having malicious code.
  • In accordance with an aspect of the present invention to accomplish the above object, there is provided a referer verification method including determining whether a referer is present in a Hypertext Transfer Protocol (HTTP) packet; if it is determined that the referer is present in the HTTP packet, extracting Uniform Resource Locators (URLs) from a referer web page corresponding to the referer; verifying the referer based on a URL corresponding to a referer verification request received from a server and the extracted URLs; and performing a Completely Automated Public Test to tell Computers and Humans Apart (CAPTCHA) verification procedure conducted by a user based on results of the verification of the referer.
  • Preferably, the referer verification method may further include, before verifying the referer, parsing the HTTP packet and determining based on results of the parsing whether a cache is present; and determining whether to perform the verifying the referer depending on results of determining whether the cache is present.
  • Preferably, the extracting the URLs may include identifying URLs statically described in the referer web page and then extracting static URLs.
  • Preferably, the extracting the URLs may include identifying URLs generated by a plurality of pieces of code executed on the referer web page and then extracting dynamic URLs.
  • Preferably, the performing the CAPTCHA verification procedure may correspond to a procedure of verifying malicious code traffic using a cognitive response of the user.
  • In accordance with another aspect of the present invention to accomplish the above object, there is provided a referer verification apparatus including a server communication unit for receiving a referer verification request from a server and transferring results of the verification corresponding to the received request to the server; a Uniform Resource Locator (URL) extraction unit for, if a referer is present in a Hypertext Transfer Protocol (HTTP) packet corresponding to the referer verification request, extracting URLs from a reefer web page corresponding to the referer; a referer verification unit for verifying the referer based on a URL corresponding to the referer verification request and the extracted URLs; and a Completely Automated Public Test to tell Computers and Humans Apart (CAPTCHA) request management unit for performing a CAPTCHA verification procedure conducted by a user based on results of the verification of the referer.
  • Preferably, the referer verification apparatus may further include a preprocessing unit for parsing the HTTP packet, determining based on results of the parsing whether a cache is present, and determining based on results of the determination whether to verify the referer.
  • Preferably, the URL extraction unit may identify URLs statically described in the referer web page and then extracts static URLs.
  • Preferably, the URL extraction unit may identify URLs generated by a plurality of pieces of code executed on the referer web page and then extracts dynamic URLs.
  • Preferably, the CAPTCHA verification procedure may correspond to a procedure of verifying malicious code traffic using a cognitive response of the user.
  • BRIEF DESCRIPTION OF THE DRAWINGS
  • The above and other objects, features and advantages of the present invention will be more clearly understood from the following detailed description taken in conjunction with the accompanying drawings, in which:
  • FIG. 1 is a configuration diagram schematically showing an environment to which a referer verification apparatus for controlling web traffic having malicious code is applied according to an embodiment of the present invention;
  • FIG. 2 is a configuration diagram showing a server according to an embodiment of the present invention;
  • FIG. 3 is a configuration diagram showing a referer verification apparatus according to an embodiment of the present invention;
  • FIG. 4 is a flowchart showing a verification procedure performed between the referer verification apparatus for controlling web traffic having malicious code and the server according to an embodiment of the present invention; and
  • FIG. 5 is a flowchart showing a referer verification procedure performed by the referer verification unit and the URL extraction unit of the referer verification apparatus according to an embodiment of the present invention.
  • DESCRIPTION OF THE PREFERRED EMBODIMENTS
  • The present invention will be described in detail below with reference to the accompanying drawings. In the following description, redundant descriptions and detailed descriptions of known functions and elements that may unnecessarily make the gist of the present invention obscure will be omitted. Embodiments of the present invention are provided to fully describe the present invention to those having ordinary knowledge in the art to which the present invention pertains. Accordingly, in the drawings, the shapes and sizes of elements may be exaggerated for the sake of clearer description.
  • Hereinafter, a referer verification apparatus and method for controlling web traffic having malicious code according to an embodiment of the present invention will be described in detail with reference to the attached drawings.
  • FIG. 1 is a configuration diagram schematically showing an environment to which a referer verification apparatus for controlling web traffic having malicious code is applied according to an embodiment of the present invention. FIG. 2 is a configuration diagram showing a server according to an embodiment of the present invention, and FIG. 3 is a configuration diagram showing a referer verification apparatus according to an embodiment of the present invention.
  • Referring to FIG. 1, a referer verification environment for controlling web traffic, having malicious code according to an embodiment of the present invention includes a server 100 and a referer verification apparatus 200.
  • The server 100 transfers a Hypertext Transfer Protocol (HTTP) packet corresponding to a target, the referer of which is to be verified, to the referer verification apparatus 200, receives the results of the verification of a referer corresponding to the HTTP packet, and then determines whether to block communication.
  • Referring to FIG. 2, the server 100 includes a referee request management unit 110, an analysis unit 120, and a communication management unit 130.
  • The referer request management unit 110 transfers an HTTP packet desired to be verified to the referer verification apparatus 200, and receives the results of the verification of the referer corresponding to the HTTP packet.
  • The analysis unit 120 determines whether to block the flow of communication, that is, traffic, based on the results of the referer verification and a management list.
  • The communication management unit 130 manages the flow of communication depending on the results of the determination by the analysis unit 120, and manages a list related to the flow of communication.
  • The referer verification apparatus 200 performs a referer verification procedure for an imp packet desired to be verified by the server 100 and a Completely Automated Public Test to tell Computers and Humans Apart (CAPTCHA) verification procedure and takes charge of the management of a cache.
  • Referring to FIG. 3, the referee verification apparatus 200 includes a server communication unit 210, a preprocessing unit 220, a referer verification unit 230, a Uniform Resource Locator (URL) extraction unit 240, a cache management unit 250, a CAPTCHA request management unit 260, a user communication unit 270, and a result management unit 280.
  • The server communication unit 210 receives a referer verification request from the server 100, and transfers the results of the verification corresponding to the referer verification request to the server 100.
  • The preprocessing unit 220 performs a preprocessing procedure before the referer verification unit 230 verifies the referer information. Here, the preprocessing procedure is configured to parse an HTTP packet received along with the referer verification request, determine based on the results of the parsing whether a cache is present, and then determines whether to verify the referer depending on whether a cache is present. Here, the preprocessing unit 220 allows the referer verification unit 230 to perform the referer verification procedure if it is determined that a cache is not present.
  • The referer verification unit 230 performs the referer verification procedure of verifying referer information.
  • In detail, the referer verification unit 230 performs the procedure of verifying whether a referer is present in the HTTP packet, the procedure of verifying the validity of a URL corresponding to the referer verification request and that of the referer, etc.
  • The URL extraction unit 240 extracts dynamic and static URLs from a referer web page corresponding to the referer verification request processed by the refer verification unit 230.
  • In detail, the URL extraction unit 240 identifies URLs, which are statically described in the referer web page, and extracts the results of the identification, that is, static URLs. Further, the URL extraction unit 240 identifies URLs generated by pieces of code having various formats executed on the referer web page, and extracts the results of the identification, that is, dynamic URLs.
  • Further, the cache management unit 250 adds the URLs extracted by the URL extraction unit 240 to a referer cache.
  • The CAPTCHA request management unit 260 performs secondary verification conducted by the user, that is, a CAPTCHA verification procedure. Hew the term “CAPTCHA verification procedure” denotes the procedure of verifying malicious code traffic using the cognitive response of the user.
  • The user communication unit 270 performs communication with the communication module of the user so that the secondary verification can be conducted by the user in the CAPTCHA request management unit 260.
  • The result management unit 280 may manage the results of the referer verification procedure performed by the referer verification unit 230, that is, verification results, and transfer the verification results to the server 100 via the server communication unit 210.
  • Next, a referer verification method for controlling web traffic having malicious code will be described in detail below with reference to FIG. 4.
  • FIG. 4 is a flowchart showing a verification procedure performed between the referer verification apparatus for controlling web traffic having malicious code and the server according to an embodiment of the present invention.
  • Referring to FIG. 4, the server 100 makes a referer verification request to the referer verification apparatus 200 at step S401. In this case, the server 100 transfers an HTTP packet desired to be verified along with the request.
  • The referer verification apparatus 200 parses the HTTP packet received along with the referer verification request at step S402.
  • The referer verification apparatus 200 determines whether the corresponding result is in the cache based on the results of the parsing of the HTTP packet at step S403.
  • The referer verification apparatus 200 performs a referer verification procedure at step S404 if the corresponding result is not in the cache. Here, the referer verification procedure includes the procedure of verifying whether a referer is present in the HTTP packet, the procedure of verifying the validity of a URL corresponding to the referer verification request and that of the referer, etc.
  • The referer verification apparatus 200 determines based on the results of the referer verification at step S404 whether a valid referer is present at step S405.
  • If it is determined that a valid referer is not present, the referer verification apparatus 200 requests the communication module of the user to perform a CAPTCHA verification procedure on the basis of the results of the referer verification at step S406, and receives the results of the CAPTCHA verification, corresponding to the results of the request at step S406, at step S407.
  • The referer verification apparatus 200 transfers the results of the verification corresponding to the referer verification request, that is, cache information obtained when the cache is present at step S403, the results of the referer verification procedure obtained when the referer is present at step S405, that is, the results of the referer verification, and the results of the CAPTCHA verification received at step S407, to the server 100 at step S408.
  • The server 100 analyzes the results of the verification corresponding to the referer verification request at step S409, and determines based on the results of the analysis whether to block communication at step S410.
  • Next, a referer verification procedure performed by the referer verification unit and the URL extraction unit of the referer verification apparatus will be described in detail below with reference to FIG. 5.
  • FIG. 5 is a flowchart showing a referer verification procedure performed by the referer verification unit and the URL extraction unit of the referer verification apparatus according to an embodiment of the present invention.
  • Referring to FIG. 5, the referer verification unit 230 makes a referer web page request at step S501 and also makes a URL extraction request, corresponding to the referer web page request made at step S501, at step S502 in order to obtain dynamic and static URLs from a referer web page before a referer verification procedure is performed.
  • The URL extraction unit 240 checks the results of the determination made by the preprocessing unit 220 as to whether the corresponding result is in the cache at step S503.
  • The URL extraction unit 240 generates a corresponding cache if it is determined at step S503 that the corresponding result is not in the cache at step S504.
  • The URL extraction unit 240 identifies URLs statically described in the referer web page, based on the cache and extracts the results of the identification, that is, static URLs, at step S505.
  • Next, the URL extraction unit 240 identifies URLs generated by pieces of code having various formats executed on the referer web page, based on the cache, and extracts the results of the identification, that is, dynamic URLs, at step S506.
  • The URL extraction unit 240 adds the URLs extracted at steps S505 and S506 to the referer cache at step S507.
  • The URL extraction unit 240 transfers the URLs extracted at steps S505 and S506 to the referer verification unit 230 at step S508.
  • The referer verification unit 230 performs a referer verification procedure based on whether the URL requested at step S502 is present in the URLs received from the URL extraction unit 240, that is, a set of URLs present in the referer web page (including static and dynamic URLs) at step S509.
  • The referer verification unit 230 transmits the results of the referer verification procedure performed at step S509, that is, referer verification results, to outside the referer verification apparatus at step S510.
  • As described above, the present invention provides a method that performs two verification procedures, that is, a referer verification procedure for HTTP traffic and a CAPTCHA authentication (verification) procedure, at a network web traffic induction time point at which malicious code starts behaving maliciously, and thereafter blocks or permits traffic suspected of being malicious behavior, depending on the results of the procedures.
  • The present invention can more rapidly perform verification because an additional operation such as signature input is not required and an overhead additionally required to perform verification is reduced by an anticipative caching procedure.
  • According to the embodiments of the present invention, a referer verification apparatus and method can effectively identify and block malicious code traffic by means of a referer verification procedure for HTTP traffic and a CAPTCHA verification procedure, without requiring procedures, such as protocol analysis and the input of an additional detection signature that result in a large overhead.
  • As described above, optimal embodiments of the present invention have been disclosed in the drawings and the specification. Although specific terms have been used in the present specification, these are merely intended to describe the present invention and are not intended to limit the meanings thereof or the scope of the present invention described in the accompanying claims. Therefore, those skilled in the art will appreciate that various modifications and other equivalent embodiments are possible from the embodiments. Therefore, the technical scope of the present invention should be defined by the technical spirit of the claims.

Claims (10)

What is claimed is:
1. A referer verification method comprising:
determining whether a referer is present in a Hypertext Transfer Protocol (HTTP) packet;
if it is determined that the referer is present in the HTTP packet, extracting Uniform Resource Locators (URLs) from a referer web page corresponding to the referer;
verifying the referer based on a URL corresponding to a referer verification request received from a server and the extracted URLs; and
performing a Completely Automated Public Test to tell Computers and Humans Apart (CAPTCHA) verification procedure based on results of the verification of the referer.
2. The referer verification method of claim 1, further comprising, before verifying the referer:
parsing the HTTP packet; and
searching a cache using the HTTP packet.
3. The referer verification method of claim 1, wherein the extracting the URLs comprises identifying URLs statically described in the referer web page and then extracting static URLs.
4. The referer verification method of claim 1, wherein the extracting the URLs comprises identifying URLs generated by a plurality of pieces of code executed on the referer web page and then extracting dynamic URLs.
5. The referer verification method of claim 1, wherein the performing the CAPTCHA verification procedure corresponds to a procedure of verifying malicious code traffic using a cognitive response of the user.
6. A referer verification apparatus comprising:
a server communication unit for receiving a referer verification request from a server and transferring results of the verification corresponding to the received request to the server;
a Uniform Resource Locator (URL) extraction unit for, if a referer is present in a Hypertext Transfer Protocol (HTTP) packet corresponding to the referer verification request, extracting URLs from a referer web page corresponding to the referer;
a referer verification unit for verifying the referer based on a URL corresponding to the referer verification request and the extracted URLs; and
a Completely Automated Public Test to tell Computers and Humans Apart (CAPTCHA) request management unit for performing a CAPTCHA verification procedure based on results of the verification of the referer.
7. The referer verification apparatus of claim 6, further comprising a preprocessing unit for parsing the HTTP packet and searching a cache.
8. The referer verification apparatus of claim 6, wherein the URL extraction unit identifies URLs statically described in the referer web page and then extracts static URLs.
9. The referer verification apparatus of claim 6, wherein the URL extraction unit identifies URLs generated by a plurality of pieces of code executed on the referer web page and then extracts dynamic URLs.
10. The referer verification apparatus of claim 6, wherein the CAPTCHA verification procedure corresponds to a procedure of verifying malicious code traffic using a cognitive response of the user.
US13/609,126 2012-06-25 2012-09-10 Referer verification apparatus and method Active 2033-01-02 US8893233B2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
KR1020120067734A KR101369743B1 (en) 2012-06-25 2012-06-25 Apparatus and method for verifying referer
KR10-2012-0067734 2012-06-25

Publications (2)

Publication Number Publication Date
US20130347069A1 true US20130347069A1 (en) 2013-12-26
US8893233B2 US8893233B2 (en) 2014-11-18

Family

ID=49775616

Family Applications (1)

Application Number Title Priority Date Filing Date
US13/609,126 Active 2033-01-02 US8893233B2 (en) 2012-06-25 2012-09-10 Referer verification apparatus and method

Country Status (2)

Country Link
US (1) US8893233B2 (en)
KR (1) KR101369743B1 (en)

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103686404A (en) * 2013-12-04 2014-03-26 康佳集团股份有限公司 Method and system for playing pictures of set top box for mobile terminal
CN104079429A (en) * 2014-05-22 2014-10-01 汉柏科技有限公司 Hotlinking prevention method based on referer field and Web gateway
CN104135507A (en) * 2014-06-30 2014-11-05 北京奇艺世纪科技有限公司 A method and a device for hotlink protection
CN105847262A (en) * 2016-03-31 2016-08-10 乐视控股(北京)有限公司 Anti-stealing-link method and system
CN107566916A (en) * 2017-09-04 2018-01-09 北京世纪鼎点软件有限公司 The access process control method and device of Internet video link

Families Citing this family (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN107241343A (en) * 2017-06-30 2017-10-10 环球智达科技(北京)有限公司 The acquisition methods of Digital verification code based on redis

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8286248B1 (en) * 2007-02-01 2012-10-09 Mcafee, Inc. System and method of web application discovery via capture and analysis of HTTP requests for external resources
US8316429B2 (en) * 2006-01-31 2012-11-20 Blue Coat Systems, Inc. Methods and systems for obtaining URL filtering information
US8555269B2 (en) * 2005-05-16 2013-10-08 Armorize Technologies, Inc. System and method for securing web application code and verifying correctness of software
US8572737B2 (en) * 2010-04-01 2013-10-29 Cloudflare, Inc. Methods and apparatuses for providing internet-based proxy services

Family Cites Families (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8181246B2 (en) * 2007-06-20 2012-05-15 Imperva, Inc. System and method for preventing web frauds committed using client-scripting attacks
US8935773B2 (en) 2009-04-09 2015-01-13 George Mason Research Foundation, Inc. Malware detector
KR101109563B1 (en) * 2010-06-28 2012-01-31 전덕조 Apparatus and method for guranteeing internet service
KR101132573B1 (en) * 2011-11-23 2012-04-05 주식회사 윈스테크넷 Defense system of automatic code attack that threaten web server and defense method thereof

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8555269B2 (en) * 2005-05-16 2013-10-08 Armorize Technologies, Inc. System and method for securing web application code and verifying correctness of software
US8316429B2 (en) * 2006-01-31 2012-11-20 Blue Coat Systems, Inc. Methods and systems for obtaining URL filtering information
US8286248B1 (en) * 2007-02-01 2012-10-09 Mcafee, Inc. System and method of web application discovery via capture and analysis of HTTP requests for external resources
US8572737B2 (en) * 2010-04-01 2013-10-29 Cloudflare, Inc. Methods and apparatuses for providing internet-based proxy services

Cited By (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN103686404A (en) * 2013-12-04 2014-03-26 康佳集团股份有限公司 Method and system for playing pictures of set top box for mobile terminal
CN104079429A (en) * 2014-05-22 2014-10-01 汉柏科技有限公司 Hotlinking prevention method based on referer field and Web gateway
CN104135507A (en) * 2014-06-30 2014-11-05 北京奇艺世纪科技有限公司 A method and a device for hotlink protection
CN105847262A (en) * 2016-03-31 2016-08-10 乐视控股(北京)有限公司 Anti-stealing-link method and system
CN107566916A (en) * 2017-09-04 2018-01-09 北京世纪鼎点软件有限公司 The access process control method and device of Internet video link

Also Published As

Publication number Publication date
KR20140011515A (en) 2014-01-29
KR101369743B1 (en) 2014-03-06
US8893233B2 (en) 2014-11-18

Similar Documents

Publication Publication Date Title
TWI475860B (en) Relevance portable device
Chen et al. Oauth demystified for mobile application developers
KR101497742B1 (en) System and method for authentication, data transfer, and protection against phising
US20110271343A1 (en) Apparatus, system and method for detecting malicious code
US9032516B2 (en) System and method for detecting malicious script
US20120198528A1 (en) Methods and systems to detect attacks on internet transactions
KR101122646B1 (en) Method and device against intelligent bots by masquerading virtual machine information
US20160337380A1 (en) Systems and methods for malware detection and scanning
US9413781B2 (en) System and method employing structured intelligence to verify and contain threats at endpoints
AU2006200688B2 (en) Internet security
US8429734B2 (en) Method for detecting DNS redirects or fraudulent local certificates for SSL sites in pharming/phishing schemes by remote validation and using a credential manager and recorded certificate attributes
US20130263263A1 (en) Web element spoofing prevention system and method
US8869279B2 (en) Detecting web browser based attacks using browser response comparison tests launched from a remote source
US20140096246A1 (en) Protecting users from undesirable content
CN102419808B (en) Method, device and system for detecting safety of download link
US8677481B1 (en) Verification of web page integrity
US8286225B2 (en) Method and apparatus for detecting cyber threats
US8706866B2 (en) Virtual server and method for identifying zombie, and sinkhole server and method for integratedly managing zombie information
US20140173709A1 (en) Secure user attestation and authentication to a remote server
CN101964025A (en) XSS (Cross Site Scripting) detection method and device
CN102088379B (en) Detecting method and device of client honeypot webpage malicious code based on sandboxing technology
CN104246788A (en) Detection and prevention of installation of malicious mobile applications
CN103918222A (en) System and method for detection of denial of service attacks
CN102855274B (en) Method and apparatus for detection of suspicious processes
CN101312393B (en) Detection method and system for SQL injection loophole

Legal Events

Date Code Title Description
AS Assignment

Owner name: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTIT

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:LEE, CHUL-WOO;KIM, DEOK-JIN;HAN, BYOUNG-JIN;AND OTHERS;SIGNING DATES FROM 20120820 TO 20120827;REEL/FRAME:028984/0492

STCF Information on status: patent grant

Free format text: PATENTED CASE

MAFP Maintenance fee payment

Free format text: PAYMENT OF MAINTENANCE FEE, 4TH YR, SMALL ENTITY (ORIGINAL EVENT CODE: M2551)

Year of fee payment: 4